‘But His Emails!’ — Ukrainian Hackers Hack Hillary Hacker

Confirms DCLeaks caper was by APT28. Also that APT28 is Russian military unit.

Russian GRU officer Sergey Aleksandrovich Morgachev (pictured) is wanted by the FBI for influencing the 2016 presidential election. And now he’s been doxxed by hackers from Ukraine.

Said hackers ordered him sex toys as a parting gift. In today’s SB Blogwatch, we dil-don’t.

Your humble blogwatcher curated these bloggy bits for your entertainment. Not to mention: Faeries on the bus.

Beware Fancy Bears Bearing Gifts

What’s the craic? Raphael Satter reports—“Ukrainian hackers … compromised Russian spy who hacked Democrats”:

Invasion
Ukrainian hackers claim to have broken into the emails of a senior Russian military spy wanted by the [FBI] for hacking the Hillary Clinton campaign and other senior U.S. Democrats. … A group calling itself Cyber Resistance said it had stolen correspondence from Lt. Col. Sergey Morgachev, who was charged in 2018 with helping organize the hack and leak of emails from the … DNC and the Clinton campaign.

Morgachev’s inbox could potentially hold insight into Russia’s hacking operations, including the operation against Clinton and the Democrats. … The FBI described him as an officer in Russia’s military spy agency [the] GRU. It said his department was “dedicated to developing and managing malware,” including the “X-Agent” spy software used to hack the DNC.

Cyber Resistance [is] one of several Ukrainian hacker gangs that have gained international visibility since Moscow’s full-scale invasion of Ukraine last year.

Morgachev’s group has previous. Kent Masing has more—“Hackers Hack Russian Intel Officer’s Accounts”:

Adult toys
The Ukrainian hacktivist group known as Cyber Resistance … shared Morgachev’s private correspondence with the Ukraine-based volunteer intelligence initiative InformNapalm, which then publicly released the data. … Lt. Col. Sergey Aleksandrovich Morgachev [is] an officer of the Main Directorate of the General Staff of the Russian Armed Forces (GRU) and the leader of the notorious Russian government-backed hacking group APT28.

Morgachev’s APT28 … carried out other cyberattacks against government and non-government targets in the U.S., Germany, Italy, Latvia, Estonia, the Czech Republic, Poland, Norway, the Netherlands and Ukraine. APT28 was behind the phishing attacks against authorities investigating the 2014 Malaysian Airlines MH17 crash. The Russian hacking group was also accused of impersonating the Islamic State to send death threats to the wives of U.S. service members.

The hacktivists shared … scanned copies of Morgachev’s personal documents such as his passport … driver’s license … medical certificate … and Form 4—a document required to receive security clearance to state secrets. [They] also gained access to [his] AliExpress account. They ordered several items to the address linked to his account, including souvenirs featuring the logo of the … FBI and large shipments of adult toys.

Horse’s mouth? InformNapalm’s Roman Burko and Irakli Komaxidze doth dox thuswise—“Hacked: Russian GRU officer”:

Armed aggression
Dumps of his private correspondence were exclusively provided by the … Ukrainian hacktivist team Cyber Resistance [to the] InformNapalm volunteer intelligence community for analysis. … In general, there is a lot of interesting and varied information in the dumps … from vacation and birthday photos with colleagues to technical documentation.

Morgachev led a group of military hackers at the GRU: … In his [résumé], he noted that from 1999 … he served in a military unit of the Russian Ministry of Defense. He managed the special software development department. [His] “Form 4” … (to receive security clearance) [says] he has been working as a “Category 1 Programming Engineer” at Special Technological Center [STC], 21 Gzhatskaya Str., Apt. 53, St. Petersburg, Russia.

STC … plays an important role in supporting the armed aggression of the Russian Federation against Ukraine. … Sanctions have already been imposed on this organization by the United States, [the UK], Canada, Switzerland, Japan, [the] EU … and Ukraine.

And the original hackers, Cyber Resistance, are lost in translation:

AliExpress
He was born in Kyiv, but has worked in Moscow all his life. He graduated from the FSB Academy in 1999 and joined the Russian military intelligence service. This lieutenant colonel in the GRU of the Russian Federation is wanted by the US FBI for a number of serious cybercrimes in various countries around the world.

A very cool and smart hacker, but—we hacked him. … We researched his correspondence, used everything we needed and finally ordered him “gifts” on AliExpress.

Gifts? @klinger66 toasts the hackers:

The world in general, and the sex toy manufacturers of the Pearl River delta in particular, salute you.

I’m fairly sure none of this is news to the FBI. iAmWaySmarterThanYou is way smarter than you: [You’re fired—Ed.]

Hmmm—so? It’s either propaganda created by Ukraine—who aren’t exactly a neutral party regarding Russia—or it’s true (or substantially so), in which case—so?

The guy was known. The article doesn’t reveal anything particularly interesting every intelligence agency on the planet wouldn’t already know. This looks more like an “arf arf arf got you!” thing, rather than a true intelligence win.

How come these super 1337 haxorz need to work in the military? darthrupert is not your father:

[Russia] had significant intellectual capital until Putin seemingly single-handedly destroyed it all. … Over the last two decades we had plenty of immigrants from and outsourcing to people in Russia and ex-Soviet countries, and as a rule, those people are great programmers.

How did that destruction happen? Masha Borak tells a fascinating, depressing story—“Russia killed its tech industry”:

Isolation and chaos
It has now been over a year since the full-scale invasion of Ukraine began, with more than 8,300 recorded civilian deaths and counting. The tech workers who left everything behind to flee Russia warn that the country is … cut off from the global tech industry, research, funding, scientific exchanges, and critical components.

In Russia, technology was one of the few sectors where people felt they could succeed on merit instead of connections. [And] it was one of the main drivers of the economy. … The industry also maintained a spirit of openness: Russian entrepreneurs … made deals all over the world. For a time, the Kremlin seemed to embrace this.

But cracks … started appearing well before the war. For more than a decade, the government has … put Russia’s internet and its most powerful tech companies in a tight grip, threatening an industry that once promised to bring the country into the future. … Russia’s war against Ukraine only accelerated the damage … further pushing the country’s biggest tech companies into isolation and chaos.

And, at the same time, Ukraine is home to incredible talent. As explained by lilTimmy:

Guess what, there are talented Ukrainian programmers who have a specific group of people they dislike. … Gives them good reason to target them.

Meanwhile, Tablizer questions everything:

Did they find the Soros Deep State Pizza Pedo Basement JFK Jr. files that connect Hunter’s laptop to the Jewish space laser using the network of vaccine-embedded 5G chips made by B. Gates?

And Finally:

Melanie vs. Martinez



You have been reading SB Blogwatch by Richi Jennings. Richi curates the best bloggy bits, finest forums, and weirdest websites … so you don’t have to. Hate mail may be directed to @RiCHi or [email protected]. Ask your doctor before reading. Your mileage may vary. Past performance is no guarantee of future results. Do not stare into laser with remaining eye. E&OE. 30.

Image sauce: Lieutenant Colonel Sergey Aleksandrovich Morgachev, via InformNapalm

Richi Jennings

Richi Jennings is a foolish independent industry analyst, editor, and content strategist. A former developer and marketer, he’s also written or edited for Computerworld, Microsoft, Cisco, Micro Focus, HashiCorp, Ferris Research, Osterman Research, Orthogonal Thinking, Native Trust, Elgan Media, Petri, Cyren, Agari, Webroot, HP, HPE, NetApp on Forbes and CIO.com. Bizarrely, his ridiculous work has even won awards from the American Society of Business Publication Editors, ABM/Jesse H. Neal, and B2B Magazine.
